Guest

Preview Tool

Cisco Bug: CSCum52008 - Session token in URL under troubleshooting path

Last Modified

Jun 09, 2016

Products (1)

  • Cisco Identity Services Engine

Known Affected Releases

1.2(1.901) 1.3(120.129)

Description (partial)

Symptom:
ISE should be hardened to use Cookie or POST to pass Session Identifiers.

Conditions:
CSRF token ID is passed within URL admin/pages/modules/monitor/troubleshoot/
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.